Support IPv6 for nerdctl network #1558
Conversation
|
this may inspire you https://github.com/containerd/nerdctl/pull/127/files :-D |
yuchanns
force-pushed
the
1547
branch
6 times, most recently
from
d6c34cf
to
003bfe9
Compare
yuchanns
force-pushed
the
1547
branch
2 times, most recently
from
e37e19c
to
9cb7f5b
Compare
yuchanns
force-pushed
the
1547
branch
15 times, most recently
from
2691e2d
to
99fd8ae
Compare
|
@containerd/nerdctl-maintainers Hey guys I'm encountering issues. The CI cannot pass when allocating the IPv6 address but test cases work well locally on my laptop. Later @Zheaoli figured out that the problem is lacking IPv6 support in test runners. And I reproduced the scene on the local host after disabling IPv6 support and confirmed that. The matter is that GHA seems not to support IPv6 on test runners yet (and not going to) according to actions/runner-images#668. Any ideas? |
|
Blocked by lacking IPv6 test support. There is proposal #2031 |
yuchanns
force-pushed
the
1547
branch
7 times, most recently
from
8b861d4
to
a8e3cb3
Compare
yuchanns
force-pushed
the
1547
branch
2 times, most recently
from
354e63c
to
2e9f4c0
Compare
| @@ -200,6 +239,8 @@ jobs: | |||
| sudo apt-get install -y expect | |||
| - name: "Ensure that the integration test suite is compatible with Docker" | |||
| run: go test -timeout 20m -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon | |||
| - name: "Ensure that the IPv6 integration test suite is compatible with Docker" | |||
| run: go test -timeout 20m -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon -test.ipv6 | |||
There was a problem hiding this comment.
Doesn't this need reconfiguring sysctl and /etc/docker/daemon.json ?
There was a problem hiding this comment.
No. Fun fact 😂
When the parameter --test.ipv6 is enabled, those non-IPv6 tests will not run. I do this because when it comes to nerdctl, IPv6 and non-IPv6 tests can not run together. (integration-tests-ipv6 uses host network that results in some problems with non-IPv6 tests. This may caused by running nerdctl tests nested inside docker and qemu).
I'd like to take your advice if there is a better idea.
There was a problem hiding this comment.
Somehow the integration-tests-ipv6 fails to run nested inside docker and qemu, despite sysctl and daemon being configured. Later @Zheaoli figured out a solution by using network=host to run it successfully. However, this leads to non-IPv6 test failure. So I have to separate the IPv6 test.
There was a problem hiding this comment.
hmm, it should be able to run nested, but nested networks are complex and hard to debug, maybe you are missing certain sysctl or something, who knows
| - name: "Register QEMU (tonistiigi/binfmt)" | ||
| run: docker run --privileged --rm tonistiigi/binfmt --install all | ||
| - name: "Run integration tests" | ||
| run: docker run --network host -t --rm --privileged test-integration-ipv6 |
There was a problem hiding this comment.
Please add a comment to explain why we need (and why we can safely(?) use) --network host
Co-authored-by: Zheao Li <me@manjusaka.me> Signed-off-by: Hanchin Hsieh <me@yuchanns.xyz>
|
Thanks @yuchanns @AkihiroSuda |
Hanchin Hsieh (yuchanns) served as a Reviewer of nerdctl from November 2022 to June 2024. Hanchin has made significant contributions such as the addition of syslog driver (containerd#1377) and IPv6 networking (containerd#1558). We show our huge appreciation to Hanchin. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Fix #1547
FYI: cni-ipam
Tasks:
network createcommand.--ip6argument for thecontainer runcommand.Signed-off-by: Hanchin Hsieh me@yuchanns.xyz
Co-authored-by: Zheao Li me@manjusaka.me